Apple gave Uber's app 'unprecedented' access to sensitive Apple features that can record iPhone screens

Uber's iPhone app has a secret back door to powerful Apple
features, allowing the ride-hailing service to potentially record
a user's screen and access other personal information without
their knowledge.

This access to special iPhone functions - which are so powerful
that Apple almost always keeps them off-limits to outside
companies - is not disclosed in any consumer-facing information
included with Uber's app.

Although there is no evidence that Uber used its access to take
advantage of the iPhone features, the revelation that the app has
access to privileged Apple code raises important questions for a
company already under investigation for other controversial
business practices.

Uber told Business Insider the code was not being used and was
essentially a vestige of an earlier version of its Apple Watch
app.

However, it has set off alarm bells among experts.

"Granting such a sensitive entitlement to a third party is
unprecedented, as far as I can tell - no other app developers
have been able to convince Apple to grant them entitlements
they've needed to let their apps utilize certain privileged
system functionality," Will
Strafach, a security researcher who discovered the situation,
told Business Insider.

Here's how it works

Nearly every iPhone app uses what is called an "entitlement" -
basically, a way for software to enable features like the camera
or Apple Pay on iPhones and iPads. Most of these can be easily
found and turned on by outside app developers.

But there are certain entitlements used only by Apple, giving the
company's software tight integration with the iPhone. These bits
have names that start with "com.apple.private," and they are
considered so sensitive that any third-party app found using them
is rejected from the App Store.

After digging around in the code of Uber's app, Strafach
discovered it used an entitlement called
"com.apple.private.allow-explicit-graphics-priority."
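The check Strafach describes, looking through an app's entitlements for keys Apple reserves for itself, can be automated. The script below is an added example, not Strafach's tooling or anything from Uber's app: it parses an entitlements plist (the format `codesign -d --entitlements` prints on macOS) and flags every key under the "com.apple.private." prefix. The sample plist is constructed for illustration; only the flagged key name comes from the article.

```python
import plistlib
from typing import Dict, List

# Constructed sample entitlements plist. Only the "com.apple.private" key
# is taken from the article; the bundle id and other keys are made up.
SAMPLE_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>application-identifier</key>
    <string>TEAMID0000.com.example.rideapp</string>
    <key>com.apple.developer.in-app-payments</key>
    <array><string>merchant.com.example.rideapp</string></array>
    <key>com.apple.private.allow-explicit-graphics-priority</key>
    <true/>
    <key>get-task-allow</key>
    <false/>
</dict>
</plist>
"""

# Prefix the article says marks entitlements reserved for Apple's own apps.
PRIVATE_PREFIX = "com.apple.private."


def parse_entitlements(data: bytes) -> Dict[str, object]:
    """Parse an entitlements plist (XML or binary) into a dict of key -> value."""
    return plistlib.loads(data)


def private_entitlements(ents: Dict[str, object]) -> List[str]:
    """Return, sorted, every entitlement key that falls under the private prefix."""
    return sorted(k for k in ents if k.startswith(PRIVATE_PREFIX))


def audit(data: bytes) -> Dict[str, object]:
    """Summarise an entitlements blob: total keys, private keys, and whether to flag it."""
    ents = parse_entitlements(data)
    priv = private_entitlements(ents)
    return {"total": len(ents), "private": priv, "flagged": bool(priv)}


if __name__ == "__main__":
    import sys
    # Pass a path to an exported entitlements plist, or run with the built-in sample.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_ENTITLEMENTS
    result = audit(blob)
    for key in result["private"]:
        print("PRIVATE:", key)
    print("flagged" if result["flagged"] else "clean", "-", result["total"], "entitlements")
```

On macOS the input can be produced with `codesign -d --entitlements :- /path/to/App.app` and saved to a file; the same parser handles binary plists.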

"It is very odd to see Uber as the only app (I checked tens of
thousands of other apps using my
company's internal data set derived from the App Store)
besides Apple's own apps granted access to this sensitive
entitlement," Strafach said in an email. Another person said that
out of the top 200 free apps, no other used private Apple
entitlements.

Uber says Apple gave it permission to use the private entitlement
and that it used it for an earlier version of its Apple Watch app
to render maps on the iPhone. The entitlement is not currently
being used, Uber says.

"Apple gave us this permission because early versions of Apple
Watch were unable to adequately handle the level of map rendering
in the Uber app," an Uber representative, Melanie Ensign, told
Business Insider. "Subsequent updates to Apple Watch and our app
removed this dependency, and we're working with Apple to remove
the API completely."

Lots of other iOS developers would like special access to private
Apple entitlements for both legitimate and illegitimate

The one Uber was using, for example, could be used to record a
user's screen, said Thomas Jansen, the founder of the security
research company Crissy
Field.

"Imagine any app would be able to use an entitlement like that
and just record your screen without you knowing," he said. That's
why Apple doesn't allow just any company to use private
entitlements.

Apple didn't comment. But one reason Apple may have let Uber use
this sensitive piece of code - which most likely would have
needed approval from senior management - is that Apple
demonstrated the Uber app onstage when it
introduced the Apple Watch in 2015, and Uber was a launch app
for the Apple Watch.

Hard to trust

Uber has previously been caught violating the rules of the App
Store, and it has a history of pushing boundaries when it comes
to building software that
may break laws or be unethical.

After Uber was found to have used internal Apple abilities to tag
and track individual iPhones even after they were wiped, the
former Uber CEO Travis Kalanick was summoned to Apple's
headquarters. There, Apple CEO Tim Cook scolded him and, in a
private meeting with Kalanick, threatened to pull the Uber app
from the App Store,
The New York Times reported.

The meeting reportedly took place in early 2015, around the time
Apple launched the Apple Watch.

"I guess there is some kind of extremely special relationship
there, considering Apple granted them exclusive access to a
privileged IOKit API a little while after they were abusing other
unrelated IOKit APIs in violation of the App Store rules (with no
repercussions at all)," Strafach said.

The deception apparently didn't scare Apple.
Texts published as part of a lawsuit revealed that Kalanick
privately said he continued to meet with Cook - including,
supposedly, once in May 2016.

Apple became an Uber investor through its investment in the
Chinese ride-hailing company Didi Chuxing. In 2016, Didi merged
with Uber's Chinese subsidiary.

Kalanick resigned in June. Uber's current CEO, Dara Khosrowshahi,
has not yet publicly said anything about the $69 billion
startup's relationship with Apple, but he has addressed the
company's culture of rule bending.

A recent change to iOS, the software that powers iPhones, allowed
Uber users to prevent the app from
collecting their location while they weren't using it.